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(54) Safe transmission of broadband data messages 



(57) An arrangement for providing secure transmis- 
sion of information. The bulk of the information is trans- 
mitted over non-secure channels such as broadcast 
media which terminate on a plurality of receiving sta- 
tions. However, a residue of data is transmitted over a 
protected channel, such as a point-to-point channel, 
established for example, by a telephone connection. 
Interception of a complete message, when only the bulk 



of the message is available, becomes very difficult. It 
becomes even more difficult if scrambling arrangements 
are used to select the particular bits of the data mes- 
sage that are transmitted over the secure channel. It 
becomes still more difficult, if the data transmitted over 
the secure channel, itself, alters the scrambling algo- 
rithm. 
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Description 
Technical Held: 

[0001] This invention relates to methods and appa- s 
ratus for transmitting data messages in such a way that 
interception is virtually impossible. 

Problem: 

10 

[0002] With the increased use of the Internet, and 
especially of the Internet as used to transmit broadband 
data signals, the necessity for avoiding unauthorized 
interception of such messages becomes ever more crit- 
ical. Methods have been proposed using a decryption 15 
key which is reliably transported to a destination. A 
message that has been encrypted using a correspond- 
ing encryption key, and sent over an interceptible 
medium, then requires that the message be decrypted 
by an authorized recipient, who has the key, or an unau- 20 
thorized recipient, who does not have the key. Various 
encryption schemes have been proposed, but the ever 
increasing power of modem computers makes unau- 
thorized decryption an ever increasing threat. Much of 
the information from the Internet will be broadcast into a 25 
plurality of homes over a shared medium such as a co- 
axial cable, an optical fiber cable, or wireless, having the 
characteristic that it is easy for unauthorized recipients 
to intercept the raw signal that is not destined for them. 
A problem of the prior art, therefore, is that it is difficult 30 
to prevent unencrypted signals which are broadcast to a 
plurality of destinations from being illegally intercepted 
by an unwanted destination; even intercepted encrypted 
messages may no longer be safe from decryption by 
unwanted users. 35 

Solution: 

[0003] The above problem is solved, and an 
advance is made over the prior art in accordance with 40 
this invention wherein a fraction of the data that is to be 
transmitted from a source to a destination is withheld 
from a broadcast medium, and is instead transmitted 
over a more secure and private medium such as a tele- 
phone connection; the data received over the broadcast 45 
medium is then combined with the data that had been 
withheld from the broadcast medium, but transmitted 
over the secure medium in order to derive the complete 
data message. Advantageously, such an arrangement 
makes decryption essentially imposs-ible since the so 
interceptor cannot access the full data of the data mes- 
sage. In many cases, the secure connection exists as 
an upstream connection for controlling the source of the 
data message; by using this upstream connection as a 
two-way connection, a separate downstream connec- 55 
tion is conveniently formed to convey the data that had 
been withheld from the broadcast medium. 
[0004] In accordance with one embodiment of the 



invention, the full data is first scrambled before a regular 
and repetitive portion of the data is extracted to be with- 
held from the broadcast medium, and to be transmitted 
over the secure medium. Advantageously, such an 
arrangement makes partial decryption much more diffi- 
cult. 

Brief Description of the Drawing: 
[0005] 

Figure 1 is a block diagram, illustrating the princi- 
ples of Applicant's invention. 

Detailed Description: 

[0006] Figure 1 is a block diagram illustrating the 
operation of the invention. A source of the data mes- 
sage 1 , such as a Web Server, transmits a data mes- 
sage over the Internet to an Internet Service Provider 
(ISPN) Computer 3. The Computer includes software, 
or hardware for performing a split and scramble function 
4, and the split signal is then sent partly to the broadcast 
transmitter 5, and partly over the point-to-point public 
switched telephone network 8. The bulk of the data 
goes to the broadcast transmitter 5, which transmits this 
data over a broadcast medium 6 (such as a co-axial 
cable, a fiber optic cable, a radio channel, and a combi- 
nation of ones of these media). From the broadcast 
medium, a broadcast receiver 7 receives the broadcast 
portion of the data signal. The public switched tele- 
phone network 8 transmits the non-broadcast portion to 
a modem, or an integrated services digital network 
(ISDN) termination 9. The output of the broadcast 
receiver 7 and the modem, or ISDN termination, is 
transmitted to a subscriber computer 10 which includes 
a merge and unscramble function 11, to combine the 
two signals in order to reconstitute the original data sig- 
nal. 

[0007] The connection from the subscriber compu- 
ter to the ISP computer, and thence to the source of the 
data, is made in the course of establishing the connec- 
tion between the subscriber computer and the source. 
The source being identified by a URL (Universal 
Resource Locator) number. This makes the use of this 
arrangement very practical since no extraneous con- 
nections are required. 

[0008] In order to make the scheme even more fool- 
proof, the data that is transmitted over the secure chan- 
nel can be used to specify the splitting arrangement. For 
example, suppose that every 19th bit is transmitted over 
the secure channel; initially the first bit that is received 
over the secure channel could be inserted into the 1 0th 
bit position of the 19 bits received from both the secure 
and non-secure channel. Then, if that bit is zero, a sub- 
sequent bit received over the secure channel, could be 
inserted in the 1 1th bit of the next group of 19 bits trans- 
mitted over the secure and non-secure channel. If the 
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bit received over the secure channel were a 1 , then the 
next bit received over the secure channel would be 
inserted in the 9th position of the next group of 19 bits 
transmitted over the secure and non-secure channel. 
Thus, the secure information actually specifies the split- s 
ting arrange-ment between the secure and the non- 
secure information, greatly increasing the difficulty of 
successfully intercepting and decrypting the transmitted 
information. The splitting and merging operations are, of 
course, synchronized. 10 
[0009] Alternatively, or additionally, the segments of 
the total message can be scrambled. With simple 
scrambling, the order of bits is changed in each seg- 
ment before transmitting; the unscrambling process 
then reorders the received bits of each segment to be in 15 
the original order, with the bit received over the secure 
channel being inserted in a fixed position of each seg- 
ment. 

[0010] Alternatively, scrambling itself may be influ- 
enced by the content of the secure channel. For exam- 20 
pie, if the secure channel signal is a 1, then a first 
scrambling algorithm is used on the data of a corre- 
sponding, or succeeding segment over the non-secure 
channel; if it is 0. a second scrambling algorithm. Multi- 
ple scrambling algorithms based on several bits of the 25 
secure channel can also be used. 
[0011] Scrambling and splitting according to the 
contents of the secure channel can be combined. For 
example, the splitting arrangement described above 
can precede a scrambling operation prior to transmitting 30 
a scrambled segment over the non-secure channel. The 
contents of the non-secure channel are then unscram- 
bled at the receiver and the bit received over the secure 
channel is inserted into its appropriate position in 
accordance with the insertion scheme described above. 35 
[0012] On top of the technique for splitting in 
accordance with data transmitted over the secure chan- 
nel and/or the scrambling technique, both described 
above, the whole message can be encrypted, thus, fur- 
ther complicating the task of the interceptor. Even with- 40 
out encryption, if the secure channel remains secure, 
and the splitting period is not the same as the period of 
sub-sections of the data, (e.g., one byte long), the 
encryption of a message based on the broadcast chan- 
nel information only, should continue to be very difficult. 45 
[0013] Many variations of the preferred embodi- 
ment will be apparent to those of ordinary skill in the art. 
The invention is limited only by the attached Claims. 

Claims so 

1 . Apparatus for transmitting data comprising: 
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nal representing the bulk of the data, and a 
second signal representing the residue of the 
data; 

means for combining the first signal, and the 
second signal into a combined signal repre- 
senting all of the data; 

wherein said means for splitting the data trans- 
mits the bulk of the data over said non-secure 
connection, and transmits the residue of the 
data over said secure connection. 

2. The apparatus of Claim 1 , wherein: 

the first signal is transmitted over a broadcast 
connection receivable by a plurality of receiv- 
ers; and 

the second signal is transmitted over a point-to- 
point connection receivable by only a single 
receiver. 

3. The apparatus of Claim 1 , wherein said means for 
splitting, comprises means for generating a scram- 
bled second signal. 

4. The apparatus of Claim 3, wherein said means for 
generating a scrambled signal comprises means for 
generating a scrambled signal dependent on the 
contents of the data transmitted by the second sig- 
nal. 

5. The apparatus of Claim 1 , wherein the means for 
splitting the data signal performs a split that is 
dependent on the contents of the data transmitted 
by the second signal. 

6. A method for reliably transmitting and receiving 
data comprising the steps of: 

splitting a data signal representing said data 
into a first signal representing the bulk of the 
data, and a second signal representing the res- 
idue of the data; 

transmitting the first signal over an unprotected 
medium; 

transmitting the second signal over a protected 
medium; 

receiving the first and second signals; and 
combining the first signal and the second signal 
into a combined signal representing said data. 

7. The method of Claim 6, wherein the step of trans- 
mitting the first signal comprises the step of: 



a non-secure connection for transmitting the 
bulk of the data; 

a secure connection for transmitting the resi- 
due of the data; 

means for splitting a data signal into a first sig- 



transmitting the first signal over a broadcast 
55 medium, receivable by a plurality of receivers; 

and 

wherein the step of transmitting the second sig- 
nal comprises the step of transmitting the sec- 



3 



5 



EP 0 993 142 A1 



ond signal over a connection receivable by only 
a single receiver. 

8. The method of Claim 6, wherein said step of split- 
ting said data signal comprises the step of scram- 5 
bling data of said first signal. 

9. The method of Claim 8, wherein said signal step of 
scrambling data of said first signal, comprises 
scrambling as determined by the contents of the 10 
data transmitted by the second signal. 

10. The method of Claim 6, wherein said step of split- 
ting said data signal comprises the step of splitting 

the data signal dependent on the contents of the is 
data transmitted by the second signal. 
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